Technology news and Jobs 
Information Technology News Macs vulnerable to complete control by attackers: FrSIRT
Information Technology News Macs vulnerable to complete control by attackers: FrSIRT | Macs vulnerable to complete control by attackers: FrSIRT |
|
| by Stan Beer | |
| Tuesday, 16 May 2006 | |
  
In two recently released notifications FrSIRT stated: "Apple has released security updates to address thirty-one vulnerabilities identified in Mac OS X. These flaws could be exploited by attackers to execute arbitrary commands, bypass security restrictions, disclose sensitive information, or cause a denial of service," and "twelve vulnerabilities have been identified in Apple QuickTime, which could be exploited by remote attackers to take complete control of an affected system." An example of a critical hole in the Mac OSX system is a "vulnerability due to an error in the bundle API that allows dynamic libraries to load and execute when a bundle is registered even if the client application does not explicitly request it, which could be exploited by attackers to execute arbitrary code from an untrusted bundle without user interaction." The full list of 31 vulnerabilities in detail can be found here. The QuickTime vulnerabilities are concerned mainly with exploitations associated with visiting malicious web pages. The full list of 12 vulnerabilities in detail can be found here. Mac users may not like to hear that their systems are vulnerable to attack but Apple itself has done the right thing and published the vulnerabilities with security updates - just like Microsoft does with Windows. Hopefully, they won't have to do it on a Tuesday of each month. {moscomment} |
Tags
| < Next story in category | Previous story in the category > |
|---|
